We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
TrojanDropper:Win32/Banker.J
Aliases: Trojan.Banker!Qc6E0s1OqHA (VirusBuster) Proxy.dropper (AVG) DR/Banker.AK (Avira) Generic.Banker.OT.5C6A27FD (BitDefender) Trojan.PWS.Banker1.1298 (Dr.Web) BAT/Spy.Banker.W trojan (ESET) Trojan-Banker.BAT.Banker.v (Kaspersky) PWS-Banker!hcq (McAfee) Infostealer.Bancos (Symantec) TROJ_BANKER.JDR (Trend Micro)
Summary
TrojanDropper:Win32/Banker.J is a trojan that drops a malicious JScript file, detected as TrojanProxy:JS/Banker.N, that may redirect your browser traffic through an attacker-controlled proxy server.
To detect and remove this threat and other malicious software that may be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products detect and remove this threat:
- Microsoft Security Essentials
- Microsoft Safety Scanner
- Windows Defender
- Microsoft Windows Malicious Software Removal Tool
For more information on antivirus software, see http://www.microsoft.com/windows/antivirus-partners/.
Additional remediation instructions for TrojanDropper:Win32/Banker.J
This threat may make lasting changes to a computer's configuration that are NOT restored by detecting and removing this threat. For more information on returning an infected computer to its pre-infected state, please see the following article/s:
